Is MSN Messenger a security risk?

C

cato

I know it is a sacred cow in MS domain. But I found Microsoft Messenger (do not mix it up with the Messenger Service) is a security nuisance for my XP with which I am quite satisfied otherwise. I am running XP's own ICF firewall, ZA (free) firewall and NAV 2003 antivirus software. The combination of that three would work beautifully. I just can advise it to all single computer XP users, but the Messenger!

When running security tests as e.g. Symantex's (and a lot of other e.g. Sygate's as per the advices of MVP's) found all TCP/IP ports and ports of Trojan threats are qualified stealth (the best) only if I kill msmsgs.exe. When this unwanted and seemingly harmful program returns after a while, even if its process once terminated, most of my TCP/IP ports security level is damaged and some became wide open to attack.

I never used and will never use the Messenger and blocked its built in server by my Zonalarm firewall. But that unwanted guest returns running damaging my fine security by opening ports to attack.

Is there a way to get rid off this sticky program built into XP, unfortunately. Messenger seems to play to the hands of the hackers and other cyber criminals.

All of those good security advices in this newsgroup are in vain if an unused and unwanted program like Messenger can reduce internet security against the will of the owner of the computer and its software.

Those who use Messenger shall take the associated risk, but the others shall be left secure!
 
G

Galen Gregory

Umm... Turn it off... In OE also disable the contacts pane or it will turn
itself back on again...

Security is a process, not a program. With a good firewall you can configure
it to allow single access only through any messenger client and review each
connection as you wish.
 
T

T O M M Y

Cato,
Many thanX for your security warnings. I remember that I disabled the Messenger service in the very first day I'd started using XP. To avoid it from running when you do not really need it , open the messenger , Tools>Options>Preference. Uncheck the two boxes " Run this program when..." and " Allow this program to run in the ..." . This reduces the risk as you mentioned and avoids msmsngs.exe from running unexpectedly. But remember that you'll need the service running when you use MSN Explorer.....this no one can stop.
-------------------------
I know it is a sacred cow in MS domain. But I found Microsoft Messenger (do not mix it up with the Messenger Service) is a security nuisance for my XP with which I am quite satisfied otherwise. I am running XP's own ICF firewall, ZA (free) firewall and NAV 2003 antivirus software. The combination of that three would work beautifully. I just can advise it to all single computer XP users, but the Messenger!

When running security tests as e.g. Symantex's (and a lot of other e.g. Sygate's as per the advices of MVP's) found all TCP/IP ports and ports of Trojan threats are qualified stealth (the best) only if I kill msmsgs.exe. When this unwanted and seemingly harmful program returns after a while, even if its process once terminated, most of my TCP/IP ports security level is damaged and some became wide open to attack.

I never used and will never use the Messenger and blocked its built in server by my Zonalarm firewall. But that unwanted guest returns running damaging my fine security by opening ports to attack.

Is there a way to get rid off this sticky program built into XP, unfortunately. Messenger seems to play to the hands of the hackers and other cyber criminals.

All of those good security advices in this newsgroup are in vain if an unused and unwanted program like Messenger can reduce internet security against the will of the owner of the computer and its software.

Those who use Messenger shall take the associated risk, but the others shall be left secure!
 
C

cato

Thanks all good advices Guys!
Though I never opened Messenger and want not to touch it I used your advices.

Additionally to those who have the same problem I summarize:

1) Use the former advices in this thread.

2) In Symantec's own Norton Anti Virus control panel delete checks for instant messengers. It can interfere with msmsgs and rerun it if remain checked.

3) In XP control panel add/remove remove MSN Messenger whose name there is not Messenger but the deceiving, misleading "Add in ....."

4) Finally after Control/Alter/Delete in Windows Task Manager do not afraid of "End Process" the msmsgs.exe even if the subsequent pop up warns you to unstabilize, it will not though!


I know it is a sacred cow in MS domain. But I found Microsoft Messenger (do not mix it up with the Messenger Service) is a security nuisance for my XP with which I am quite satisfied otherwise. I am running XP's own ICF firewall, ZA (free) firewall and NAV 2003 antivirus software. The combination of that three would work beautifully. I just can advise it to all single computer XP users, but the Messenger!

When running security tests as e.g. Symantex's (and a lot of other e.g. Sygate's as per the advices of MVP's) found all TCP/IP ports and ports of Trojan threats are qualified stealth (the best) only if I kill msmsgs.exe. When this unwanted and seemingly harmful program returns after a while, even if its process once terminated, most of my TCP/IP ports security level is damaged and some became wide open to attack.

I never used and will never use the Messenger and blocked its built in server by my Zonalarm firewall. But that unwanted guest returns running damaging my fine security by opening ports to attack.

Is there a way to get rid off this sticky program built into XP, unfortunately. Messenger seems to play to the hands of the hackers and other cyber criminals.

All of those good security advices in this newsgroup are in vain if an unused and unwanted program like Messenger can reduce internet security against the will of the owner of the computer and its software.

Those who use Messenger shall take the associated risk, but the others shall be left secure!
 
G

GoumbaYa

get a clue

I know it is a sacred cow in MS domain. But I found Microsoft Messenger (do
not mix it up with the Messenger Service) is a security nuisance for my XP
with which I am quite satisfied otherwise. I am running XP's own ICF
firewall, ZA (free) firewall and NAV 2003 antivirus software. The
combination of that three would work beautifully. I just can advise it to
all single computer XP users, but the Messenger!

When running security tests as e.g. Symantex's (and a lot of other e.g.
Sygate's as per the advices of MVP's) found all TCP/IP ports and ports of
Trojan threats are qualified stealth (the best) only if I kill msmsgs.exe.
When this unwanted and seemingly harmful program returns after a while, even
if its process once terminated, most of my TCP/IP ports security level is
damaged and some became wide open to attack.

I never used and will never use the Messenger and blocked its built in
server by my Zonalarm firewall. But that unwanted guest returns running
damaging my fine security by opening ports to attack.

Is there a way to get rid off this sticky program built into XP,
unfortunately. Messenger seems to play to the hands of the hackers and other
cyber criminals.

All of those good security advices in this newsgroup are in vain if an
unused and unwanted program like Messenger can reduce internet security
against the will of the owner of the computer and its software.

Those who use Messenger shall take the associated risk, but the others shall
be left secure!
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Returned vulnerabilities, Messenger Spam, pls. HELP 2
disable msn messenger pernamently? 2
Manually Configuring port numbers so MSN Messenger can "file transfer" when INt. 1
MSN Messenger 1
update MS Messenger problem ... 2
Is Java Runtime Environment a risk? 12
Popup in Windows Messenger 2
Windows Messenger 1

Top